libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 8.0 | |
libvirt | lt | 1.3.1 |